RHAPIS – Network Intrusion Detection Systems Simulator

Network intrusion detection systems simulator. RHAPIS provides a simulation environment through which user is able to execute any IDS operation.

Basic Usage
Type HELP in the console in order to see the available commands. RHAPIS is written in Lua language. You need to have installed Lua in order to run RHAPIS.
The first commands that you must enter in order to install a virtual network intrusion detection system are the following:SET NETIP1 [ip address], basic address of network in which NIDS is installed (network counters are 1-6).SET HOSTIP1 [ip address], address of a host inside NIDS (host counters are 1-6).INCLUDE config, loads a random configuration fileINCLUDE ruleset, reads a set of rules that will be identified by the intrusion detection system
Now you have activated detectability.SET ATTHOSTIP1 [ip address]. With the current command you set an attacker’s identity. In this way, you will be able to make virtual attacks on random destinations by using the command ATTACK afterwards.

Host counters are again 1-6.
In order your attacks to be recognized by the intrusion detection system, you need to attack hosts that are part of the established network intrusion detection system.
For example:

SET HOSTIP1 7.7.7.7
ATTACK XSS 7.7.7.7
ATTACK XSS 9.9.9.9
DETECT XSS

In the above commands, the attack which will only be identified by NIDS will be that on destination address 7.7.7.7 because this is an active host of the network in which NIDS is installed.